NamedCheckconf parser - command named-checkconf -p

Named-checkconf is a syntax checking tool for named configuration file. Named is a name server used by BIND.

class insights.parsers.named_checkconf.NamedCheckconf(context)[source]

Bases: CommandParser

Class for parsing the named-checkconf -p command.

is_dnssec_disabled

True, if dnssec is not enabled, False otherwise.

Type:

bool

dnssec_line

The line which disabled dnssec, if it is not enabled, None otherwise.

Type:

string

disable_algorithms

Dictionary where the key is a domain and the value is a list of all algorithms associated with it.

Type:

dict

disable_ds_digests

Dictionary where the key is a domain and the value is a list of all digests associated with it.

Type:

dict

Raises:

SkipComponent -- When content is empty or cannot be parsed.

Sample output of this command is:

logging {
    channel "default_debug" {
        file "data/named.run";
        severity dynamic;
    };
};
options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    listen-on port 53 {
        127.0.0.1/32;
    };
    listen-on-v6 port 53 {
        ::1/128;
    };
    managed-keys-directory "/var/named/dynamic";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    pid-file "/run/named/named.pid";
    recursing-file "/var/named/data/named.recursing";
    secroots-file "/var/named/data/named.secroots";
    session-keyfile "/run/named/session.key";
    statistics-file "/var/named/data/named_stats.txt";
    disable-algorithms "." {
        "RSAMD5";
        "DSA";
    };
    disable-ds-digests "." {
        "GOST";
    };
    dnssec-enable yes;
    dnssec-validation yes;
    recursion yes;
    allow-query {
        "localhost";
    };
};
managed-keys {
    "." initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF
                FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX
                bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD
                X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz
                W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS
                Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq
                QxA+Uk1ihz0=";
    "." initial-key 257 3 8 "AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3
                +/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kv
                ArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF
                0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+e
                oZG+SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfd
                RUfhHdY6+cn8HFRm+2hM8AnXGXws9555KrUB5qihylGa8subX2Nn6UwN
                R1AkUTV74bU=";
};
zone "." IN {
    type hint;
    file "named.ca";
};
zone "localhost.localdomain" IN {
    type master;
    file "named.localhost";
    allow-update {
        "none";
    };
};
zone "localhost" IN {
    type master;
    file "named.localhost";
    allow-update {
        "none";
    };
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
    type master;
    file "named.loopback";
    allow-update {
        "none";
    };
};
zone "1.0.0.127.in-addr.arpa" IN {
    type master;
    file "named.loopback";
    allow-update {
        "none";
    };
};
zone "0.in-addr.arpa" IN {
    type master;
    file "named.empty";
    allow-update {
        "none";
    };
};

Examples

>>> type(named_checkconf)
<class 'insights.parsers.named_checkconf.NamedCheckconf'>
>>> named_checkconf.is_dnssec_disabled
False
>>> named_checkconf.dnssec_line is None
True
>>> named_checkconf.disable_algorithms
{'.': ['RSAMD5', 'DSA']}
>>> named_checkconf.disable_ds_digests
{'.': ['GOST']}
parse_content(content)[source]

This method must be implemented by classes based on this class.

retrieve_disabled(section_regex, source)[source]

Parses ‘disable-algorithms’ or ‘disable_ds_digests’ section into a dictionary, where the key is a domain and the value is a list of all algorithms/digests associated with it.

section_regex

The regular expression for a given section.

Type:

string

source

The source in which a given section is searched for.

Type:

string